CVE-2020-6303: XSS
First published: Tue Jan 14 2020(Updated: )
SAP Disclosure Management, before version 10.1, does not validate user input properly in specific use cases leading to Cross-Site Scripting.
Credit: cna@sap.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP Disclosure Management | <10.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for SAP Disclosure Management?
The vulnerability ID for SAP Disclosure Management is CVE-2020-6303.
What is the severity of CVE-2020-6303?
The severity of CVE-2020-6303 is medium with a CVSS score of 5.4.
How does CVE-2020-6303 affect SAP Disclosure Management?
CVE-2020-6303 affects SAP Disclosure Management by allowing Cross-Site Scripting (XSS) attacks due to improper validation of user input in specific use cases.
What is the affected version of SAP Disclosure Management?
The affected version of SAP Disclosure Management is up to but not including version 10.1.
How can I fix CVE-2020-6303 in SAP Disclosure Management?
To fix CVE-2020-6303 in SAP Disclosure Management, update to version 10.1 or higher.
- collector/nvd-index
- agent/references
- agent/type
- agent/event
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/sap
- canonical/sap disclosure management